Abusing Password Reuse at Scale: Bcrypt and Beyond
Date: August 8 2018
Publication: BSidesLV 2018
Source: Currently no known Internet copy of paper.
Abstract or Summary:
In this talk we will cover a new attack methodology based on the concept of “offline credential stuffing”. This approach makes use of large amounts of correlated data and abuses the commonality of user password reuse to efficiently reduce the workload required to attack large lists of slow, salted hashes.
PasswordResearch.com Note: Video of presentation: https://www.youtube.com/watch?v=5su3_Py8iMQ
Do you have additional information to contribute regarding this research paper? If so, please email firstname.lastname@example.org with the details.